How AI has become an enabler and a threat actor in cybersecurity
Two IBM execs explain how the cybersecurity landscape has changed since AI jumped in popularity.
As the proliferation of AI continues in Australia, there is ample opportunity to use the technology for cybersecurity, but on the other hand the cyber threat of AI in cyber is an issue too.
Richa Arora, IBM Consulting Australia Cybersecurity Services Leader spoke to CRN Australia about how there are two sides to the AI in cybersecurity coin.
She explained from the last 12 to 24 months, AI has become essentially an enabler as well as a threat actor in cyber space.
“The threat landscape is constantly evolving, the threat vectors are constantly changing as well, and AI is predominantly playing a huge role in that,” she said.
“How do you take something that significantly changed that landscape and apply AI to defend AI as well. We're seeing a significant amount of change as a result of that.”
As agentic AI also gains momentum in business adoption, organisations and partners see both risk and rewards with this technology.
Mark Hughes, global managing partner of IBM Consulting Cybersecurity Services said often when new things appear, there's some degree of confusion between the two.
“There is exactly the approach that you have to embrace and use agentic AI in cybersecurity. Then there is the case for the fact that in the general landscape of the environment when introducing AI, it needs to be done securely,” he said.
The case for using agentic AI in cybersecurity is very strong, Hughes explained.
“The first thing is that threat actors are now using AI against organisations, the most simple example of that we see is phishing emails, the sloppy grammar has disappeared,” he said.
“At the very basic level, threat actors are using it in that way, but much more specifically and seriously. Now threat actor organisations, are using it to be able to reverse engineer code, for example, do research almost on the fly, run up malware very quickly.”
Hughes said what particular ransomware type tools might have taken weeks in the past to develop, now can be done in hours in response to new vulnerabilities.
“That type of pace and tempo of what is happening with the threat landscape means that the only way to counter that is to be able to get much faster and more productive in the security space itself,” he said.
A level playing field
Hughes is excited about the emergence of agentic AI in cybersecurity as it gives organisations a “leg up” against threat actors.
“For years, we've lived with the fact that threat actors have been able to do stuff to critical infrastructure, critical organisations,” he explained.
“Think about what's happened in Australia with Medicare and many other incidents that we've seen. This is now the time where we can begin to really address that balance.
“That's done through giving people the ability to have superpowers that they haven't been able before to redress that balance.”
With threat actors using AI against organisations and organisations using AI for cybersecurity, it has levelled the playing field, according to Hughes.
“They are also using AI against us, but this gives us a leg up in the ability to defend and with it, give people the opportunity to do real security often,” he said.
“Where in the past, they may have been just sucked into tasks. That's the thing that excites me the most, unleashing the capability that we have in our people to fight back and really redress that balance.”